Openembedded Core Discussions
 help / color / mirror / Atom feed
* [OE-core][mickledore 00/20] Patch review
@ 2023-08-26 15:38 Steve Sakoman
  2023-08-26 15:38 ` [OE-core][mickledore 01/20] curl: fix CVE-2023-32001 Steve Sakoman
                   ` (19 more replies)
  0 siblings, 20 replies; 23+ messages in thread
From: Steve Sakoman @ 2023-08-26 15:38 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for mickledore and have comments back by
end of day Tuesday, August 29.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5786

The following changes since commit 7e3489c0c5970389c8a239dc7b367bcadf554eb5:

  build-appliance-image: Update to mickledore head revision (2023-08-18 03:58:04 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/mickledore-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/mickledore-nut

Alexis Lothoré (1):
  oeqa/utils/gitarchive: fix tag computation when creating archive

Chee Yang Lee (3):
  curl: fix CVE-2023-32001
  ghostscript: fix CVE-2023-38559
  librsvg: upgrade to 2.54.6

Markus Volk (1):
  gtk4: upgrade 4.10.4 -> 4.10.5

Michael Halstead (2):
  yocto-uninative: Update hashes for uninative 4.1
  yocto-uninative: Update to 4.2 for glibc 2.38

Michael Opdenacker (1):
  scripts/create-pull-request: update URLs to git repositories

Narpat Mali (2):
  ffmpeg: add CVE_CHECK_IGNORE for CVE-2023-39018
  python3-git: upgrade 3.1.31 -> 3.1.32

Peter Marko (1):
  openssl: Upgrade 3.1.1 -> 3.1.2

Peter Suti (1):
  externalsrc: fix dependency chain issues

Richard Purdie (4):
  pseudo: Fix to work with glibc 2.38
  lib/package_manager: Improve repo artefact filtering
  gnupg: Fix reproducibility failure
  resulttool/report: Avoid divide by zero

Ross Burton (2):
  linux-yocto: add script to generate kernel CVE_CHECK_IGNORE entries
  linux/cve-exclusion: add generated CVE_CHECK_IGNOREs

Wang Mingyu (1):
  file: upgrade 5.44 -> 5.45

sanjana (1):
  glibc: stable 2.37 branch updates

 meta/classes/externalsrc.bbclass              |    7 +-
 meta/conf/distro/include/yocto-uninative.inc  |   10 +-
 meta/lib/oe/package_manager/__init__.py       |    5 +-
 meta/lib/oeqa/utils/gitarchive.py             |    6 +-
 .../{openssl_3.1.1.bb => openssl_3.1.2.bb}    |    2 +-
 meta/recipes-core/glibc/glibc-version.inc     |    2 +-
 .../file/{file_5.44.bb => file_5.45.bb}       |    2 +-
 .../pseudo/files/glibc238.patch               |   72 +
 meta/recipes-devtools/pseudo/pseudo_git.bb    |    1 +
 ...n3-git_3.1.31.bb => python3-git_3.1.32.bb} |    2 +-
 .../ghostscript/CVE-2023-38559.patch          |   31 +
 .../ghostscript/ghostscript_10.0.0.bb         |    1 +
 .../gtk+/{gtk4_4.10.4.bb => gtk4_4.10.5.bb}   |    2 +-
 .../{librsvg_2.54.5.bb => librsvg_2.54.6.bb}  |    2 +-
 .../linux/cve-exclusion_6.1.inc               | 7250 ++++++++++++++++-
 .../linux/generate-cve-exclusions.py          |  101 +
 .../recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb |    6 +
 .../curl/curl/CVE-2023-32001.patch            |   39 +
 meta/recipes-support/curl/curl_8.0.1.bb       |    1 +
 meta/recipes-support/gnupg/gnupg_2.4.2.bb     |    2 +
 scripts/create-pull-request                   |    7 +-
 scripts/lib/resulttool/report.py              |    5 +-
 22 files changed, 7502 insertions(+), 54 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.1.1.bb => openssl_3.1.2.bb} (99%)
 rename meta/recipes-devtools/file/{file_5.44.bb => file_5.45.bb} (97%)
 create mode 100644 meta/recipes-devtools/pseudo/files/glibc238.patch
 rename meta/recipes-devtools/python/{python3-git_3.1.31.bb => python3-git_3.1.32.bb} (92%)
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-38559.patch
 rename meta/recipes-gnome/gtk+/{gtk4_4.10.4.bb => gtk4_4.10.5.bb} (98%)
 rename meta/recipes-gnome/librsvg/{librsvg_2.54.5.bb => librsvg_2.54.6.bb} (97%)
 create mode 100755 meta/recipes-kernel/linux/generate-cve-exclusions.py
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-32001.patch

-- 
2.34.1



^ permalink raw reply	[flat|nested] 23+ messages in thread
* [OE-core][mickledore 00/20] Patch review
@ 2023-08-30 17:48 Steve Sakoman
  0 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2023-08-30 17:48 UTC (permalink / raw)
  To: openembedded-core

Please review this set of patches for mickledore and have comments back by
end of day Friday, September 1.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5798

The following changes since commit a46782c9f54bcb0389ea1016e37b6939aae79bfb:

  resulttool/report: Avoid divide by zero (2023-08-25 12:24:11 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/mickledore-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/mickledore-nut

Anuj Mittal (1):
  gstreamer1.0: upgrade 1.22.4 -> 1.22.5

Bruce Ashfield (7):
  linux-yocto/6.1: update to v6.1.41
  linux-yocto/6.1: update to v6.1.43
  linux-yocto/6.1: update to v6.1.44
  linux-yocto/6.1: update to v6.1.45
  linux-yocto/6.1: fix uninitialized read in nohz_full/isolcpus setup
  linux-yocto/6.1: update to v6.1.46
  linux-yocto/6.1: fix IRQ-80 warnings

Etienne Cordonnier (1):
  vim: update obsolete comment

Khem Raj (1):
  build-sysroots: Add SUMMARY field

Markus Niebel (1):
  wic: fix wrong attempt to create file system in upartitioned regions

Martin Jansa (1):
  tcl: prevent installing another copy of tzdata

Narpat Mali (1):
  python3-pygments: fix for CVE-2022-40896

Ovidiu Panait (1):
  mdadm: skip running 04update-uuid and 07revert-inplace testcases

Poonam Jadhav (1):
  pixman: Remove duplication of license MIT

Richard Purdie (1):
  build-sysroots: Ensure dependency chains are minimal

Ross Burton (2):
  procps: backport fix for CVE-2023-4016
  graphene: fix runtime detection of IEEE754 behaviour

Wang Mingyu (1):
  tar: upgrade 1.34 -> 1.35

Yogita Urade (1):
  inetutils: fix CVE-2023-40303

 ...tpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch | 284 +++++++++++++++++
 ...03-Indent-changes-in-previous-commit.patch | 258 +++++++++++++++
 .../inetutils/inetutils_2.4.bb                |   2 +
 meta/recipes-core/meta/build-sysroots.bb      |   7 +-
 .../CVE-2022-40896-0001.patch                 |  49 +++
 .../CVE-2022-40896-0002.patch                 | 301 ++++++++++++++++++
 .../python/python3-pygments_2.14.0.bb         |   4 +
 meta/recipes-devtools/tcltk/tcl_8.6.13.bb     |   6 +
 ...n-files-for-04update-uuid-and-07reve.patch |  39 +++
 meta/recipes-extended/mdadm/mdadm_4.2.bb      |   1 +
 .../procps/procps/CVE-2023-4016.patch         |  73 +++++
 meta/recipes-extended/procps/procps_4.0.3.bb  |   1 +
 .../tar/tar/CVE-2022-48303.patch              |  43 ---
 .../tar/{tar_1.34.bb => tar_1.35.bb}          |   8 +-
 .../graphene/files/float-div.patch            |  28 ++
 .../graphene/graphene_1.10.8.bb               |   2 +
 .../xorg-lib/pixman_0.42.2.bb                 |   2 +-
 .../linux/linux-yocto-rt_6.1.bb               |   6 +-
 .../linux/linux-yocto-tiny_6.1.bb             |   6 +-
 meta/recipes-kernel/linux/linux-yocto_6.1.bb  |  28 +-
 ...tools_1.22.4.bb => gst-devtools_1.22.5.bb} |   2 +-
 ...1.22.4.bb => gstreamer1.0-libav_1.22.5.bb} |   2 +-
 ...x_1.22.4.bb => gstreamer1.0-omx_1.22.5.bb} |   2 +-
 ....bb => gstreamer1.0-plugins-bad_1.22.5.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-base_1.22.5.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-good_1.22.5.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-ugly_1.22.5.bb} |   2 +-
 ....22.4.bb => gstreamer1.0-python_1.22.5.bb} |   2 +-
 ....bb => gstreamer1.0-rtsp-server_1.22.5.bb} |   2 +-
 ...1.22.4.bb => gstreamer1.0-vaapi_1.22.5.bb} |   2 +-
 ...er1.0_1.22.4.bb => gstreamer1.0_1.22.5.bb} |   2 +-
 meta/recipes-support/vim/vim.inc              |   5 +-
 scripts/lib/wic/partition.py                  |   2 +-
 33 files changed, 1092 insertions(+), 85 deletions(-)
 create mode 100644 meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
 create mode 100644 meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
 create mode 100644 meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0001.patch
 create mode 100644 meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0002.patch
 create mode 100644 meta/recipes-extended/mdadm/files/0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch
 create mode 100644 meta/recipes-extended/procps/procps/CVE-2023-4016.patch
 delete mode 100644 meta/recipes-extended/tar/tar/CVE-2022-48303.patch
 rename meta/recipes-extended/tar/{tar_1.34.bb => tar_1.35.bb} (87%)
 create mode 100644 meta/recipes-graphics/graphene/files/float-div.patch
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.4.bb => gst-devtools_1.22.5.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.4.bb => gstreamer1.0-libav_1.22.5.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.4.bb => gstreamer1.0-omx_1.22.5.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.4.bb => gstreamer1.0-plugins-bad_1.22.5.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.4.bb => gstreamer1.0-plugins-base_1.22.5.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.4.bb => gstreamer1.0-plugins-good_1.22.5.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.4.bb => gstreamer1.0-plugins-ugly_1.22.5.bb} (94%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.4.bb => gstreamer1.0-python_1.22.5.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.4.bb => gstreamer1.0-rtsp-server_1.22.5.bb} (90%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.4.bb => gstreamer1.0-vaapi_1.22.5.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.4.bb => gstreamer1.0_1.22.5.bb} (97%)

-- 
2.34.1



^ permalink raw reply	[flat|nested] 23+ messages in thread
* [OE-core][mickledore 00/20] Patch review
@ 2023-10-11  0:01 Steve Sakoman
  0 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2023-10-11  0:01 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for mickledore and have comments back by
end of day Thursday, October 12.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6031

The following changes since commit aa90e5ea1fe77c97e5915e5e9a69bbd0b9461d09:

  linux/generate-cve-exclusions: print the generated time in UTC (2023-10-05 04:43:37 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/mickledore-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/mickledore-nut

Alexander Kanavin (2):
  gnupg: upgrade 2.4.2 -> 2.4.3
  openssl: build and install manpages only if they are enabled

Archana Polampalli (1):
  gstreamer: upgrade 1.22.5 -> 1.22.6

Bruce Ashfield (2):
  linux-yocto/6.1: update to v6.1.52
  linux-yocto/6.1: update to v6.1.53

Emil Kronborg Andersen (2):
  dbus: add additional entries to CVE_PRODUCT
  libxkbcommon: add CVE_PRODUCT

Mikko Rapeli (3):
  oeqa selftest context.py: whitespace fix
  oeqa selftest context.py: remove warning from missing meta-selftest
  oeqa selftest context.py: fix git commands and set branch name

Peter Marko (1):
  openssl: Upgrade 3.1.2 -> 3.1.3

Richard Purdie (1):
  mdadm: Disable further tests due to intermittent failures

Ross Burton (6):
  glib-2.0: libelf has a configure option now, specify it
  pango: explictly enable/disable libthai
  libsoup-2.4: update PACKAGECONFIG
  wayland-utils: add libdrm PACKAGECONFIG
  busybox: remove coreutils dependency in busybox-ptest
  libgudev: explicitly disable tests and vapi

Steve Sakoman (1):
  linux-yocto: update kernel exclusions for 6.1

Yuta Hayama (1):
  linux/generate-cve-exclusions: fix mishandling of boundary values

 meta/lib/oeqa/selftest/context.py             |    8 +-
 .../{openssl_3.1.2.bb => openssl_3.1.3.bb}    |    7 +-
 meta/recipes-core/busybox/busybox.inc         |    2 +-
 .../busybox/busybox/start-stop-false.patch    |   35 +
 meta/recipes-core/busybox/busybox_1.36.1.bb   |    1 +
 meta/recipes-core/dbus/dbus_1.14.8.bb         |    2 +-
 meta/recipes-core/glib-2.0/glib.inc           |    3 +-
 meta/recipes-extended/mdadm/mdadm_4.2.bb      |    5 +
 meta/recipes-gnome/libgudev/libgudev_237.bb   |    2 +
 meta/recipes-graphics/pango/pango_1.50.14.bb  |    2 +-
 .../wayland/wayland-utils_1.1.0.bb            |    3 +
 .../xorg-lib/libxkbcommon_1.5.0.bb            |    2 +
 .../linux/cve-exclusion_6.1.inc               | 4226 +++++++++--------
 .../linux/generate-cve-exclusions.py          |   14 +-
 .../linux/linux-yocto-rt_6.1.bb               |    6 +-
 .../linux/linux-yocto-tiny_6.1.bb             |    6 +-
 meta/recipes-kernel/linux/linux-yocto_6.1.bb  |   28 +-
 ...tools_1.22.5.bb => gst-devtools_1.22.6.bb} |    2 +-
 ...1.22.5.bb => gstreamer1.0-libav_1.22.6.bb} |    2 +-
 ...x_1.22.5.bb => gstreamer1.0-omx_1.22.6.bb} |    2 +-
 ....bb => gstreamer1.0-plugins-bad_1.22.6.bb} |    2 +-
 ...bb => gstreamer1.0-plugins-base_1.22.6.bb} |    2 +-
 ...bb => gstreamer1.0-plugins-good_1.22.6.bb} |    2 +-
 ...bb => gstreamer1.0-plugins-ugly_1.22.6.bb} |    2 +-
 ....22.5.bb => gstreamer1.0-python_1.22.6.bb} |    2 +-
 ....bb => gstreamer1.0-rtsp-server_1.22.6.bb} |    2 +-
 ...1.22.5.bb => gstreamer1.0-vaapi_1.22.6.bb} |    2 +-
 ...er1.0_1.22.5.bb => gstreamer1.0_1.22.6.bb} |    2 +-
 ...-a-custom-value-for-the-location-of-.patch |    4 +-
 .../gnupg/gnupg/fix-ldap.patch                |   34 +
 .../gnupg/gnupg/relocate.patch                |    2 +-
 .../gnupg/{gnupg_2.4.2.bb => gnupg_2.4.3.bb}  |    3 +-
 .../libsoup/libsoup-2.4_2.74.3.bb             |   18 +-
 33 files changed, 2276 insertions(+), 2159 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.1.2.bb => openssl_3.1.3.bb} (97%)
 create mode 100644 meta/recipes-core/busybox/busybox/start-stop-false.patch
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.5.bb => gst-devtools_1.22.6.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.5.bb => gstreamer1.0-libav_1.22.6.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.5.bb => gstreamer1.0-omx_1.22.6.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.5.bb => gstreamer1.0-plugins-bad_1.22.6.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.5.bb => gstreamer1.0-plugins-base_1.22.6.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.5.bb => gstreamer1.0-plugins-good_1.22.6.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.5.bb => gstreamer1.0-plugins-ugly_1.22.6.bb} (94%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.5.bb => gstreamer1.0-python_1.22.6.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.5.bb => gstreamer1.0-rtsp-server_1.22.6.bb} (90%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.5.bb => gstreamer1.0-vaapi_1.22.6.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.5.bb => gstreamer1.0_1.22.6.bb} (97%)
 create mode 100644 meta/recipes-support/gnupg/gnupg/fix-ldap.patch
 rename meta/recipes-support/gnupg/{gnupg_2.4.2.bb => gnupg_2.4.3.bb} (96%)

-- 
2.34.1



^ permalink raw reply	[flat|nested] 23+ messages in thread
end of thread, other threads:[~2023-10-11  0:01 UTC | newest]

Thread overview: 23+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-08-26 15:38 [OE-core][mickledore 00/20] Patch review Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 01/20] curl: fix CVE-2023-32001 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 02/20] ghostscript: fix CVE-2023-38559 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 03/20] ffmpeg: add CVE_CHECK_IGNORE for CVE-2023-39018 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 04/20] linux-yocto: add script to generate kernel CVE_CHECK_IGNORE entries Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 05/20] linux/cve-exclusion: add generated CVE_CHECK_IGNOREs Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 06/20] librsvg: upgrade to 2.54.6 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 07/20] glibc: stable 2.37 branch updates Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 08/20] python3-git: upgrade 3.1.31 -> 3.1.32 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 09/20] file: upgrade 5.44 -> 5.45 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 10/20] gtk4: upgrade 4.10.4 -> 4.10.5 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 11/20] openssl: Upgrade 3.1.1 -> 3.1.2 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 12/20] pseudo: Fix to work with glibc 2.38 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 13/20] yocto-uninative: Update hashes for uninative 4.1 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 14/20] yocto-uninative: Update to 4.2 for glibc 2.38 Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 15/20] lib/package_manager: Improve repo artefact filtering Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 16/20] gnupg: Fix reproducibility failure Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 17/20] externalsrc: fix dependency chain issues Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 18/20] scripts/create-pull-request: update URLs to git repositories Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 19/20] oeqa/utils/gitarchive: fix tag computation when creating archive Steve Sakoman
2023-08-26 15:38 ` [OE-core][mickledore 20/20] resulttool/report: Avoid divide by zero Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2023-08-30 17:48 [OE-core][mickledore 00/20] Patch review Steve Sakoman
2023-10-11  0:01 Steve Sakoman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox